Documentation

Get started with FlowViz in minutes. Self-host the open-source tool and start analyzing threat reports.

Quick Start

1. Clone the Repository

git clone https://github.com/davidljohnson/flowviz.git
cd flowviz

2. Install Dependencies

npm install

3. Configure Your API Key

Copy the example environment file and configure your LLM API key:

cp .env.example .env

Then edit .env and set your API key:

ANTHROPIC_API_KEY=your_anthropic_api_key_here

Get your API key from your LLM provider's console (Anthropic, OpenAI, etc.).

4. Start the Development Server

npm run dev:full

Open http://localhost:5173 in your browser.

How to Use FlowViz

1. Enter Article URL

Paste a URL from any security blog or threat report. FlowViz supports most major security blogs including The Hacker News, Bleeping Computer, Krebs on Security, and more.

2. AI Analysis

The AI extracts attack patterns and maps them to the MITRE ATT&CK framework. Watch in real time as the flow builds.

3. Interact & Export

Explore the interactive diagram - zoom, pan, and click nodes for details. Export to PNG, JSON, or STIX format for documentation.

Advanced Topics

Model Selection

Configure your preferred AI model in the .env file. Models with larger context windows are recommended for complex security analysis.

# Example model configuration
ANTHROPIC_MODEL=claude-sonnet-4-5-20250929

# See .env.example for available options

Custom Prompts

Modify the AI prompts in src/lib/prompts.ts to customize extraction behavior for your specific use cases.

STIX Export

FlowViz exports STIX 2.1-compatible JSON for integration with threat intelligence platforms. Use the export button after generating a flow.

Secure Internal Deployment

FlowViz is designed for internal, self-hosted deployment to protect your API keys and data. Follow these secure deployment practices:

  • Internal hosting only: Deploy behind your organization's firewall or VPN
  • Server-side proxy: Implement a backend API proxy to handle LLM API calls - never expose keys to the client
  • Environment variables: Store API keys in server-side environment variables only
  • Access control: Implement authentication and authorization for all users
  • Build command: npm run build for production

Security Warning: Do not deploy to public hosting platforms (Vercel, Netlify, etc.) without a secure backend proxy. Client-side API keys will be exposed.
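
One way to implement the server-side proxy described above, as an added example that is not FlowViz's own code: a minimal non-streaming Node.js proxy that reads ANTHROPIC_API_KEY and ANTHROPIC_MODEL from the server environment and forwards only allowlisted request fields. The /api/llm route, port 3001, the size and token limits, and the use of Anthropic's Messages API endpoint and headers are assumptions.

```javascript
// Added example, not FlowViz code. Assumed: Anthropic Messages API endpoint and
// headers; the /api/llm route, port 3001 and the size/token limits are hypothetical.
const UPSTREAM = 'https://api.anthropic.com/v1/messages';
const MAX_BODY_CHARS = 256 * 1024;
const MAX_TOKENS_CAP = 4096;
const fail = (status, msg) => Object.assign(new Error(msg), { status });

// Build the upstream call. Key and model come from the server environment; only
// allowlisted body fields are forwarded, so the client cannot supply or override them.
function buildUpstreamRequest(clientBody, env) {
  if (!env.ANTHROPIC_API_KEY || !env.ANTHROPIC_MODEL) throw fail(500, 'server LLM config missing');
  const { messages, system, max_tokens } = clientBody || {};
  if (!Array.isArray(messages) || messages.length === 0) throw fail(400, 'messages required');
  const body = { model: env.ANTHROPIC_MODEL, messages };
  body.max_tokens = Math.min(Math.max(Number(max_tokens) || 1024, 1), MAX_TOKENS_CAP);
  if (typeof system === 'string') body.system = system;
  const headers = {
    'content-type': 'application/json',
    'x-api-key': env.ANTHROPIC_API_KEY,
    'anthropic-version': '2023-06-01',
  };
  return { url: UPSTREAM, init: { method: 'POST', headers, body: JSON.stringify(body) } };
}

// Minimal non-streaming proxy bound to loopback; put authentication in front of it.
async function startProxy(env = process.env, port = 3001) {
  const http = await import('node:http');
  return http.createServer(async (req, res) => {
    try {
      if (req.method !== 'POST' || req.url !== '/api/llm') throw fail(404, 'not found');
      req.setEncoding('utf8');
      let raw = '';
      for await (const chunk of req) {
        raw += chunk;
        if (raw.length > MAX_BODY_CHARS) throw fail(413, 'body too large');
      }
      const { url, init } = buildUpstreamRequest(JSON.parse(raw), env);
      const upstream = await fetch(url, init);
      const text = await upstream.text(); // read fully before sending any headers
      res.writeHead(upstream.status, { 'content-type': 'application/json' }).end(text);
    } catch (err) {
      const status = err.status || (err instanceof SyntaxError ? 400 : 502);
      console.error('proxy error:', status, err.message); // detail stays in server logs
      res.writeHead(status, { 'content-type': 'application/json' });
      res.end(JSON.stringify({ error: 'request failed' }));
    }
  }).listen(port, '127.0.0.1');
}
if (process.argv.includes('--serve')) startProxy();
```

Start it with the --serve argument on Node.js v18 or higher (for the built-in fetch); the browser code then posts to /api/llm and never receives the key.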

System Requirements

  • Node.js: v18 or higher
  • NPM: v8 or higher
  • Browser: Modern browser with ES6 support
  • API Key: LLM API key
